<?
session_start();
include("config.php");
if ($_SESSION['admin']!="OK")
{
	echo "<script language='javascript'>alert('Please log in!');window.location.href='login.php';</script>";
	exit;
}
?>
<html> 
<head> 
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> 
<title>Questionnaire Survey System Management</title> 
<link href="main.css" rel="stylesheet" type="text/css" />
<script language="javascript">
function check_message()
{
	if(window.document.eidtadmin.admin_name.value=="")
	{
		alert("Admin Username is empty");
		document.eidtadmin.admin_name.focus();
		return false;
	}
	if(document.eidtadmin.password.value=="")
	{
		alert("Please fill the previous passwd");
		document.eidtadmin.password.focus();
		return false;
	}
	if(document.eidtadmin.newpassword.value=="")
	{
		alert("Please fill the new passwd");
		document.eidtadmin.newpassword.focus();
		return false;
	}
	return true;
}
</script>
</head> 
<body>
<div id=main>
<div class=title>Modify Administractor Account and Password</div>
<div id="menu">
	<ul>
		<li><a href='admin.php'>Administraction</a></li>
		<li><a href="editadmin.php">Your Account</a></li>
		<li><a href="addtitle.php" class="top">Add vote topic</a></li>
		<li><a href="showvote.php" target="_blank">Vote result</a></li>
		<li><a href="javascript:$msg=confirm('Are u sure to clean the result?');$msg?window.location.href='clearResult.php':history.go(0);">Delete Result</a></li>
		<li><a href="loginout.php">Log out</a></li>
		<li><a href="index.php" target="_blank">Home</a></li>
</ul>
</div>
<?
$name=$_POST['admin_name']; 
$adminpassword=$_POST['password'];  
$newpassword=$_POST['newpassword']; 
$editpass=$_POST['editpass']; 
if ($editpass=="1")
{
	$conn=mysql_connect($host,$user,$password); 
	mysql_query("SET NAMES UTF8");  
	mysql_select_db($db); 
	$sql="select * from vote_users";
	$result=mysql_query($sql);
	$rs=@mysql_fetch_object($result);
	echo $adminpassword;
	if ($rs->password==$adminpassword)
	{
		$sql="update vote_users set admin_name='$name'";
		$result=mysql_query($sql);
		$sql="update vote_users set password='$newpassword'";
		$UpResult=mysql_query($sql);
		if (!($UpResult))
		{
			echo "Updated Failed";
			exit;
		}
		else
		{
			echo "<script language='javascript'>alert('Updated Succeed!');window.location.href='admin.php';</script>";
			exit;
		}
	}
	else 
	{
		echo "<script language='javascript'>alert('Previous passwd is wrong');history.go(-1);</script>";
		exit;
	}
}

?>
<form action="" method="post" name="eidtadmin" id="eidtadmin">
<div class=main1>
	<div class="user">Username:<input name="admin_name" type="text" maxlength="20" class="inputs" /></div>
</div>
<div class=main1>
	<div class="password">Password:<input name="password" type="password" maxlength="20" class="inputs" /></div>
</div>
<div class=main1>
	<div class="password">New Passwd:<input name="newpassword" type="password" maxlength="20" class="inputs" /></div>
</div>
<div class=main1>
	<div class="submit3">
		<input name="submit" type="submit" value="submit" onClick="return check_message()" class="inputs"/>
		<input name="B2" type="reset" value="reset" class="inputs" />
		<input name="editpass" type="hidden" value="1" id="editpass" />
	</div>
</div>
</form>
</div>
<br />
<center>CopyRight@FengYL </center>
</body>
</html>
